ibm
8,173 tracked vulnerabilities.
CVE-2023-47144
MEDIUM
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0-7.3.0.10 - Cross-Site Scripting
Feb 02, 2024
CVSS 6.1
EPSS 0.00
CVE-2023-47143
CRITICAL
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0-7.3.0.10 - HTTP Header Injection via HOST Header
Feb 02, 2024
CVSS 10.0
EPSS 0.00
CVE-2023-38263
MEDIUM
IBM SOAR QRadar Plugin App <5.0.3 - Privilege Escalation
Feb 02, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-38020
MEDIUM
IBM SOAR QRadar Plugin App <5.0.3 - Info Disclosure
Feb 02, 2024
CVSS 4.3
EPSS 0.00
CVE-2023-38019
HIGH
IBM SOAR QRadar Plugin App 1.0-5.0.3 - Path Traversal via URL Request
Feb 02, 2024
CVSS 8.1
EPSS 0.00
CVE-2023-46159
LOW
IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 - Authenticated Denial of Service
Feb 02, 2024
CVSS 2.6
EPSS 0.00
CVE-2023-50962
MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Cleartext Transmission of Sensitive Information
Feb 02, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-50941
MEDIUM
IBM PowerSC <2.2 - Privilege Escalation
Feb 02, 2024
CVSS 6.3
EPSS 0.00
CVE-2023-50938
MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Clickjacking
Feb 02, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-50935
MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Unauthenticated Direct Request Access
Feb 02, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-50934
MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Improper Authentication
Feb 02, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-50328
LOW
IBM PowerSC 1.3, 2.0, 2.1 - Session Identifier Exposure via URL Query String
Feb 02, 2024
CVSS 3.7
EPSS 0.00
CVE-2023-32333
MEDIUM
IBM Maximo Asset Management 7.6.1.3 - Unauthenticated Admin Panel Access
Feb 02, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-50940
MEDIUM
IBM PowerSC 1.3, 2.0, 2.1 - Permissive Cross-domain Security Policy with Untrusted Domains
Feb 02, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-50937
MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Use of a Broken or Risky Cryptographic Algorithm
Feb 02, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-50936
MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Authenticated Session Fixation via Insufficient Session Expiration
Feb 02, 2024
CVSS 6.3
EPSS 0.00
CVE-2023-50933
MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - HTML Injection
Feb 02, 2024
CVSS 6.1
EPSS 0.00
CVE-2023-50327
MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Unauthorized File Request Modification via Insecure HTTP Methods
Feb 02, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-50326
HIGH
IBM PowerSC 1.3, 2.0, and 2.1 - Inadequate Account Lockout Setting
Feb 02, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-50939
MEDIUM
IBM PowerSC 1.3, 2.0, and 2.1 - Use of a Broken or Risky Cryptographic Algorithm
Feb 02, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-47141
MEDIUM
IBM Db2 < 11.5.9 - Authenticated Denial of Service via Crafted Query
Jan 22, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-47747
MEDIUM
IBM DB2 10.5.0.0-10.5.0.10 - Authenticated Denial of Service via Crafted Query
Jan 22, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-47158
MEDIUM
IBM DB2 10.5-11.5 - Authenticated Denial of Service via Crafted Query
Jan 22, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-47152
MEDIUM
IBM Db2 < 11.5.9 - Information Disclosure via Stack Trace
Jan 22, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-27859
MEDIUM
IBM Db2 10.5.0.0-10.5.0.10 - Uncontrolled Search Path Element via Malicious JAR File Installation
Jan 22, 2024
CVSS 6.5
EPSS 0.00
Products
websphere_application_server 444
aix 393
db2 327
rational_quality_manager 202
sterling_b2b_integrator 195
infosphere_information_server 188
qradar_security_information_and_event_manager 187
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 102
sterling_file_gateway 93
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
vios 85
rational_software_architect_design_manager 81
api_connect 79
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 63
Quick Filters